From c22f792b55b7868d1c51ac8a0e367b1cbab95eae Mon Sep 17 00:00:00 2001
From: Cute Omega <92797441+cute-omega@users.noreply.github.com>
Date: Fri, 24 Apr 2026 14:38:28 +0800
Subject: [PATCH] Potential fix for code scanning alert no. 8: Unsafe shell
 command constructed from library input

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 packages/core/src/shell/shell.js | 28 ++++++++++++++++++++++++----
 1 file changed, 24 insertions(+), 4 deletions(-)

diff --git a/packages/core/src/shell/shell.js b/packages/core/src/shell/shell.js
index 1dd40bd5eb..7010f983c6 100644
--- a/packages/core/src/shell/shell.js
+++ b/packages/core/src/shell/shell.js
@@ -59,16 +59,36 @@ class WindowsSystemShell extends SystemShell {
         ps.dispose()
       }
     } else {
-      let compose = 'chcp 65001' // 'chcp 65001  '
+      await childExecCmdWindows('chcp 65001', args)
+      let ret
       for (const cmd of cmds) {
-        compose += ` && ${cmd}`
+        ret = await childExecCmdWindows(cmd, args)
       }
-      // compose += '&& exit'
-      return await childExec(compose, args)
+      return ret
     }
   }
 }
 
+function childExecCmdWindows (cmd, options = {}) {
+  return new Promise((resolve, reject) => {
+    const execOptions = { ...options }
+    delete execOptions.type
+    delete execOptions.printErrorLog
+
+    log.info('shell:', cmd)
+    childProcess.execFile('cmd.exe', ['/d', '/s', '/c', cmd], execOptions, (error, stdout, stderr) => {
+      if (error) {
+        if (options.printErrorLog !== false) {
+          log.error('cmd 命令执行错误：\n===>\ncommands:', cmd, '\n   error:', error, '\n<===')
+        }
+        reject(new Error(stderr))
+      } else {
+        resolve(stdout.replace('Active code page: 65001\r\n', ''))
+      }
+    })
+  })
+}
+
 function childExec (composeCmds, options = {}) {
   return new Promise((resolve, reject) => {
     log.info('shell:', composeCmds)